// Callback with the OpenSSL info-callback signature, used to refuse TLS
// renegotiation (CVE-2009-3555).
//
// The owning Socket is looked up through the SocketId stored as the SSL
// object's app data. On the first SSL_CB_HANDSHAKE_START the socket moves
// from SSL_CONNECTING to SSL_CONNECTED. A later handshake start on a socket
// that is already SSL_CONNECTED is treated as a renegotiation attempt: it is
// logged and the socket is failed.
//
// NOTE(review): the state becomes SSL_CONNECTED when the handshake *starts*,
// not when it completes -- confirm nothing reads it as "handshake finished".
// NOTE(review): under TLS 1.3 some OpenSSL releases also raise
// SSL_CB_HANDSHAKE_START for post-handshake messages; verify this check does
// not close healthy TLS 1.3 connections. Where the linked OpenSSL offers
// SSL_OP_NO_RENEGOTIATION, setting it on the context is a complementary guard.
//
// `ret` is unused.
static void SSLInfoCallback(const SSL* ssl, int where, int ret) {
    (void)ret;

    const SocketId socket_id = (SocketId)SSL_get_app_data((SSL*)ssl);
    SocketUniquePtr sock;
    if (Socket::Address(socket_id, &sock) != 0) {
        // The socket has already failed; nothing left to protect.
        return;
    }

    // Only handshake-start events matter here.
    if (!(where & SSL_CB_HANDSHAKE_START)) {
        return;
    }

    if (sock->ssl_state() == SSL_CONNECTING) {
        // First handshake on this connection.
        sock->set_ssl_state(SSL_CONNECTED);
        return;
    }
    if (sock->ssl_state() != SSL_CONNECTED) {
        return;
    }

    // A handshake starting on an already-connected socket: disable
    // renegotiation (CVE-2009-3555) by closing the connection.
    LOG(ERROR) << "Close " << *sock << " due to insecure "
               << "renegotiation detected (CVE-2009-3555)";
    sock->SetFailed();
}
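// Registers `sub_channel` with this balancer by wrapping it in a "fake"
// Socket whose `user` is a newly allocated SubChannel.
//
// @param sub_channel  channel to add; must be non-NULL and not already
//                     present in _chan_map.
// @param handle       optional; when non-NULL it receives the SocketId of
//                     the fake socket on success.
// @return 0 on success, -1 on any failure (NULL argument, duplicate,
//         allocation failure, socket creation/addressing failure, or
//         AddServer rejecting the id).
int ChannelBalancer::AddChannel(ChannelBase* sub_channel,
                                SelectiveChannel::ChannelHandle* handle) {
    if (NULL == sub_channel) {
        LOG(ERROR) << "Parameter[sub_channel] is NULL";
        return -1;
    }
    // The duplicate check and the insert into _chan_map below happen under
    // the same lock.
    BAIDU_SCOPED_LOCK(_mutex);
    if (_chan_map.find(sub_channel) != _chan_map.end()) {
        LOG(ERROR) << "Duplicated sub_channel=" << sub_channel;
        return -1;
    }
    SubChannel* sub_chan = new (std::nothrow) SubChannel;
    if (sub_chan == NULL) {
        LOG(FATAL) << "Fail to to new SubChannel";
        return -1;
    }
    sub_chan->chan = sub_channel;

    SocketId sock_id;
    SocketOptions options;
    options.user = sub_chan;
    options.health_check_interval_s = FLAGS_channel_check_interval;
    if (Socket::Create(options, &sock_id) != 0) {
        // No socket took ownership of sub_chan, so free it here.
        delete sub_chan;
        LOG(ERROR) << "Fail to create fake socket for sub channel";
        return -1;
    }

    SocketUniquePtr ptr;
    // Handle an addressing failure explicitly instead of relying on
    // CHECK_EQ: the allocation path above returns after LOG(FATAL), which
    // suggests fatal logs may not abort in this build, and continuing with
    // an empty `ptr` would dereference NULL or store NULL in _chan_map.
    if (Socket::Address(sock_id, &ptr) != 0) {
        // sub_chan is not deleted here; presumably the socket releases it
        // when recycled, as on the AddServer failure path -- TODO confirm.
        LOG(FATAL) << "Fail to address fake socket of sub_channel="
                   << sub_channel;
        return -1;
    }
    if (!AddServer(ServerId(sock_id))) {
        LOG(ERROR) << "Duplicated sub_channel=" << sub_channel;
        // sub_chan will be deleted when the socket is recycled.
        ptr->SetFailed();
        return -1;
    }
    // The map keeps the raw pointer and with it the reference that `ptr`
    // held.
    _chan_map[sub_channel] = ptr.release();
    if (handle) {
        *handle = sock_id;
    }
    return 0;
}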